CMS WebManager-Pro Vulnerabilities

Credit: MustLive
Risk: High
Local: No
Remote: Yes

Hello Bugtraq! I want to warn you about SQL Injection and Redirector (URL Redirector Abuse) vulnerabilities in CMS WebManager-Pro (SecurityVulns ID:11108). It's Ukrainian commercial CMS. SQL Injection: http://site/c.php?id=1%20and%20version()=5 Redirector: http://site/c.php?id=1&url= Affected products: both systems CMS WebManager-Pro from two developers. Vulnerable are versions CMS WebManager-Pro up to 8.1 (version from WebManager). Also SQL Injection (but not Redirector) exists in version of the system from FGS_Studio. Vulnerable are CMS WebManager-Pro v.7.4.3 (version from FGS_Studio) and previous versions. Developers from WebManager fixed SQL Injection vulnerability (but didn't fix Redirector) in version CMS WebManager-Pro 8.1. Developers from FGS_Studio didn't fix SQL Injection vulnerability. I mentioned about these vulnerabilities at my site ( Best wishes & regards, MustLive Administrator of Websecurity web site


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022,


Back to Top